You can read here about how and why Fabege processes your personal data, and about your rights.

Fabege AB (publ) corp. reg. no. 556049–1523 is data controller when it comes to processing your personal data. You will find further information to follow and under the links below.

Fabege takes no responsibility for your privacy on, or the content of, external websites to which there may be links on www.fabege.com.

Your rights

You have certain rights under GDPR when it comes to your personal data:

  • Right of access – You are entitled to receive certain information on our processing of your personal data. Such information is provided via this information document. You are also entitled to access a copy of the personal data we process about you.
  • Right to rectification – You are entitled to have incorrect personal data about you rectified.
  • Right to erasure – Under certain circumstances you are entitled to have your personal data erased. This is usually known as “the right to be forgotten”. The right to erasure is, however conditional, and a request can be submitted without any action being taken.
  • Right to restriction of processing – Under certain circumstances you are entitled to demand that the processing of your personal data be restricted. The right to restriction of processing is, however conditional, and a request can be submitted without any action being taken.
  • Right to data portability – You are entitled to receive details of the personal data you have submitted to us (or request transfer of the data directly from us to a new data controller) in a structured, generally used and machine-readable format.
  • Right to object – You are entitled to object to our processing of your personal data if we are processing it based on a balancing test or for direct marketing purposes.

If you have any questions on our processing of your personal data or wish to invoke your rights, contact us at gdpr@fabege.se. You are also entitled to make complaints concerning our personal data processing to the Swedish supervisory authority "Swedish Authority for Privacy Protection".

Who has access to your personal data?

To fulfil the purposes according to which we process personal data, we may need to share your personal data with suppliers that provide us with services, such as those in charge of operating and supporting our systems, and recruitment companies. Fabege continues to be responsible for the processing of your personal data that our suppliers perform on our behalf, and our suppliers may not use this personal data for purposes other than those we specify.

When we use suppliers, it may involve your personal data being transferred to countries outside the EEA (i.e. a third country). For transfer to countries that the EU Commission has decided do not have adequate levels of data protection, the transfer is based on the EU Commission’s standard contractual clauses, or Privacy Shield (regarding transfers to the US). This means that all such transfers therefore take place in accordance with applicable legislation.

Fabege carries out video surveillance in selected areas of our property portfolio. We do this to improve security, prevent crime, support legal claims and manage disturbances. The legal basis for video surveillance is thus a legitimate interest that in a balancing test outweighs that of the individual’s privacy protection interest.

Video surveillance

With video surveillance, Fabege processes personal data by taking images and complies with the relevant data protection legislation and guidelines issued by trade association Fastighetsägarna (Swedish Real Estate Owners’ Association).

The purpose of video surveillance is assessed on a case-by-case basis, but may, for example, be to prevent crime. The legal basis for Fabege’s video surveillance often involves a balancing test, which is carried out and documented in each individual case.

Only a limited number of people at Fabege have access to footage from video surveillance. Recorded material is only forwarded to the relevant authority following a special review.

Fabege does not keep any recorded material for longer than is necessary to satisfy the purpose of the surveillance. This means that as a rule, material is not kept for longer than two weeks. Material is only saved for longer than two weeks in cases where an authority has issued a request to surrender the material and Fabege needs to conduct a special review into whether or not the material may be handed over.

As a data subject, you always have the opportunity to submit a request based on your rights, for example the right to erasure. If you have any questions about your rights or our video surveillance, you can always contact us at gdpr@fabege.se.

If you feel that Fabege has breached its obligations in relation to video surveillance, you are entitled to take your complaint to Swedish Authority for Privacy Protection.

For tenants

What personal data about you do we process?

We will process any personal data that you provide us with. If you are the contact for a tenant, your personal data may be submitted to us by the tenant. Personal data such as this mainly includes name, address, national identity number, telephone number and email address.
We may supplement your personal data by obtaining credit information to assess your or your company’s financial capability.

Why do we process your personal data?

We process your personal data exclusively for the purposes, and in accordance with, the legal grounds stated below.

Purpose of the processing Legal grounds for the processing
To manage our relationship and fulfil our commitments as a landlord to you or the tenant.

If you are a private individual or sole trader: The processing is necessary for the fulfilment of our lease.

If you are the contact for the tenant: The processing is necessary for our legitimate interest of managing and fulfilling our obligations as a landlord.
To manage and receive your rental payments.

If you are a private individual or sole trader: The processing is necessary for the fulfilment of our lease.

If you are the contact for the tenant: The processing is necessary for our legitimate interest of invoicing and receiving payment for the premises from the tenant
To continually manage and maintain the rental premises.

If you are a private individual or sole trader: The processing is necessary for the fulfilment of our lease.

If you are the contact for the tenant: The processing is necessary for our legitimate interest of managing and fulfilling our obligations as a landlord.
To provide service and manage fault reporting.

If you are a private individual or sole trader: The processing is necessary for the fulfilment of our lease.

If you are the contact for the tenant: The processing is necessary for our legitimate interest of addressing faults and problems in the property and on the premises.
Collating statistics at an overall level. The processing is necessary to satisfy our legitimate interest of acquiring greater market and customer insight and evaluating our business.
To communicate relevant offers to you about our and other companies’ (e.g. insurance companies) products and services. The processing is necessary in order to satisfy our legitimate interest of communicating relevant offers and services to you.

How long do we save your personal data for?

If you are a contact for a tenant, your personal data is processed for as long as you remain the designated contact. If you are a private individual or sole trader who is a tenant, your personal data is processed for as long as you remain one of our tenants.

We delete your personal data no more than six months after the end of our rental relationship, unless we need to save the data for a longer period due to legal requirements, for example the Swedish Bookkeeping Act, or because there are outstanding rent receivables or other legal claims.

For suppliers and other contractual parties

What personal data about you do we process?

We will process any personal data that we are provided with. Personal data such as this mainly includes name, address, national identity number, telephone number and email address.

We may collect personal data by obtaining credit information to assess your or your company’s financial capability.

Why do we process your personal data?

We process your personal data exclusively for the purposes, and in accordance with, the legal grounds stated below.

Purpose of the processing Legal grounds for the processing
To manage our relationship and fulfil our commitments according to our contract.

If you are a private individual or sole trader: The processing is necessary for the fulfilment of our contract.

If you are a contact or the person responsible for fulfilling your obligation according to the contract: The processing is necessary for our legitimate interest of managing and fulfilling our and your obligations according to our contract.
To manage and fulfil our payment obligations according to our contract.

If you are a private individual or sole trader: The processing is necessary for the fulfilment of our contract.

If you are the contact: The processing is necessary for our legitimate interest of receiving and paying invoices.

How long do we save your personal data for?

If you are a contact, your personal data is processed for as long as you are the designated contact for the company with which we have a contract.

If you are the person who carries out assignments for Fabege on behalf of a company, your personal data is processed for as long as the contract relationship with the company persists, or for as long as the company’s guarantee period for services carried out/goods supplied continues, or for as long as we need to save your data due to legal or regulatory requirements.

If you are a private individual or sole trader that has a contract with Fabege, your personal data is processed for as long as our contract relationship persists, or for as long as the guarantee period for your services carried out/goods supplied continues, or for as long as we need to save your data due to legal or regulatory requirements.

For job applicants

What personal data about you do we process?

We process personal data when you (i) apply for an advertised position with us, or (ii) register interest in employment with us via an unsolicited application. Such personal data includes the details you provide in connection with your application, such as name, contact details, date of birth, CV, cover letter, certificates and/or study grades, previous and/or current employers and other information that you submit to us voluntarily. In addition, we may process personal data comprising notes about you from interviews and reference conversations, as well as the results of any tests and background checks.

Why do we process your personal data?

We process your personal data exclusively for the purposes, and in accordance with, the legal grounds stated below.

Purpose of the processing Legal grounds for the processing
To recruit new employees. The processing is necessary for our legitimate interest of recruiting new employees. Some of our positions require a background check to be carried out prior to us making an offer of employment. We may also request certificates, for example evidence that you completed your degree. In such cases, we obtain your consent at a later stage of the recruitment process, and not in connection with you applying for the position.

How long do we save your personal data for?

If your application relates to an advertised position and does not lead to an offer of employment, we save your data for two years in case we should need it for any potential discrimination claim. If you have submitted an unsolicited application, we save your personal data for two years.